Windows Update

Windows Update

A component of Microsoft Windows
Windows Update in Windows Vista.
Details
Type	Network service
Included with	98, Me, 2000, XP, 2003, Vista, 2008
Service name	wuauserv
Description	Windows Update
Related components
BITS, Windows Installer, Internet Explorer

Windows Update is a service provided by Microsoft for users of Microsoft Windows which provides updates for the operating system and its installed components. Microsoft Update is an optional feature that can be enabled to provide updates for other Microsoft software installed on a Windows computer, such as Microsoft Office, Windows Live applications, and Microsoft Expression.

Security updates are delivered by the Windows Update service on the second Tuesday of each month (Patch Tuesday). However, security updates can be delivered whenever a software update is required to prevent an exploit targeting Windows users. Windows Update can be configured to automatically install updates, ensuring that a computer is always up-to-date and not vulnerable to computer worms and other such malware.

Windows Vista and Windows Server 2008 provide a Control Panel to configure update settings and check for updates. The Windows Update Control Panel is also the means to download Windows Ultimate Extras (optional software offered to users of Windows Vista Ultimate Edition). For previous versions of Microsoft Windows, updates can be downloaded from the Windows Update website, using Internet Explorer.

Contents 1 Components 1.1 Windows Update web site 1.2 Critical Update Notification tool 1.3 Automatic Updates 1.4 Microsoft Update 1.5 Windows Vista and Windows Server 2008 2 Statistics 3 Versions 4 See also 5 References 6 External links

Components

Windows Update web site

Windows Update was first introduced with the launch of Windows 98 as a web site. A link to Windows Update was placed on the Start Menu, which gave the user access to additional downloads for the operating system. At the time of Windows 98's release, Windows Update offered additional desktop themes, games, device driver updates, and optional components such as NetMeeting.^[1] While the initial focus of Microsoft's marketing of Windows Update was to focus on free add-ons and new technologies Windows, security fixes for Outlook Express, Internet Explorer and other applications would later appear, as well as access to beta versions of upcoming Microsoft software, most notably Internet Explorer 5. Fixes to Windows 98 to resolve the Year 2000 problem were also distributed using Windows Update in December 1998. Microsoft attributed the sales success of Windows 98 in part to Windows Update.^[2]

Windows Update requires Internet Explorer or a third-party web browser that uses Microsoft's MSHTML layout engine. This necessity stems from the use of an ActiveX control to house the software that is executed on the user's computer. While the underlying implementation details have changed from version to version, its basic purpose of scanning the user's computer to see what operating system components and software is installed, and comparing the versions of those components with what is offered by Windows Update. The ActiveX component then interfaces with Windows Installer in order to install or update those components, and to report the success or failure of those installations back to Microsoft's servers.

The first version of the Windows Update web site (usually referred to as "v3") did not require any personally identifiable information to be sent to Microsoft. In order for the v3 ActiveX control to determine what updates were needed, the entire list of available software on Windows Update was downloaded to the user's computer when they visited the Windows Update web site. As the number of updates offered by Windows Update grew, this resulted in performance concerns. Arie Slob, writing for the Windows-help.net newsletter in March 2003 noted that the size of the update list had exceeded 400KB, which caused delays of more than a minute for dial-up users.^[3]

Windows Update v4, released in conjunction with Windows XP in 2001, changed this by having the ActiveX control submit a list of the hardware components to Microsoft's servers, which then returns a shortened list of device drivers that are available for that machine. It also narrowed down the list of available updates for the operating system and related components by sending details of what operating system version, service pack, and locale are installed. German technology web site tecchannel.de published an analysis of the Windows Update communication protocol in February 2003, which received wide attention on technology web sites. The report, which was the first to contain extensive details of how the Windows Update communication protocol worked, also discovered that the make and model of the computer, the amount of free disk space, and the Windows product key.^[4]

Critical Update Notification tool

Shortly after the release of Windows 98, Microsoft released a Critical Update Notification tool through Windows Update, which installed a background tool on the user's computer that checked the Windows Update web site on a regular schedule for new updates that have been marked as "Critical". By default, this check occurred every five minutes, and when Internet Explorer was started, though the user could configure the next check to occur only at certain times of the day or on certain days of the week. The check was performed by querying the server for a file, "cucif.cab", which contains a list of all the critical updates released for the user's operating system. The Critical Update Notification tool then compared this list with the list of installed updates on the user's machine, and displayed a message to the user informing them of new critical updates if they were available. Once the check executed, any custom schedule defined by the user was reverted to the default; Microsoft stated that this was by design in order to ensure that users received notification of critical updates in a timely manner.^[5]

An analysis done by security researcher H D Moore in early 1999 was critical of this approach, describing it as "horribly inefficient" and susceptible to attacks. In a posting to BugTraq, he explained that, "every single Windows 98 computer that wishes to get an update has to rely on a single host for the security. If that one server got compromised one day, or an attacker cracks the MS DNS server again, there could be millions of users installing trojans every hour. The scope of this attack is big enough to attract crackers who actually know what they are doing..."^[6]

The Critical Update Notification tool continued to be promoted by Microsoft through 1999 and the first half of 2000. Initial releases of Windows 2000 shipped with the tool, but Windows 95 and Windows NT 4.0 were never supported.

Automatic Updates

With the release of Windows Me in 2000, Microsoft introduced Automatic Updates as a replacement for the Critical Update Notification tool. Unlike its predecessor, Automatic Updates includes the ability to download and install updates without using a web browser. Instead of the 5 minute schedule used by its predecessor, the Automatic Updates client checks the Windows Update servers once a day. The user is given the option to download available updates then prompt the user to install them, or to notify the user prior to downloading any available updates. After Windows Me is installed, the user is prompted via a notification balloon to configure the Automatic Updates client.

The Windows Update web site itself was significantly updated to match the visual style of Windows Me.

Windows XP and Windows 2000 Service Pack 3 include Background Intelligent Transfer Service, a protocol for transferring files in the background without user interaction. As a system component, it is capable of monitoring the user's Internet usage, and throttling its own bandwidth usage in order to prioritize user-initiated activities. The Automatic Updates client for these operating systems was updated to use this system service.

By the beginning of 2005, Windows Update was being accessed by about 150 million people,^[7] with about 112 million of those using Automatic Updates.^[8]

Microsoft Update

At the February 2005 RSA Conference, Microsoft announced the first beta of Microsoft Update, an optional replacement for Windows Update that provides security patches, service packs and other updates for both Windows and other Microsoft software.^[9] The initial release in June 2005 provided support for Microsoft Office 2003, Exchange 2003, and SQL Server 2000, running on Windows 2000, XP, and Server 2003. Over time, the list has expanded to include other Microsoft products, such as Windows Defender, Visual Studio, Virtual Server, and other server products. It also offers Silverlight as an optional download.

Windows Vista and Windows Server 2008

In Windows Vista and Windows Server 2008, the web site is no longer used to provide a user interface for selecting and downloading updates. In its place, the Automatic Updates control panel has been expanded to provide similar functionality. Support for Microsoft Update is also built into the operating system, but is off by default. The revised Windows Update can also be set automatically download and install both Important and Recommended updates. Such updates were only available through the Windows Update web site in prior versions of Windows.

In prior versions of Windows, updates requiring a reboot would pop up a dialog box requesting that the user reboot their machine every number of specified minutes.^[10] This dialog box was changed to allow the user to select a longer period of time (up to 4 hours) before being prompted again. The revised dialog box also displays under other applications, instead of on top of them.

Windows Update also makes use of Transactional NTFS, a file system feature introduced with Windows Vista, when performing updates to Windows system files. This feature helps Windows recover cleanly in the event of an unexpected shut-down during an update, as the transactioning system will ensure that changes are committed to the file system in an atomic fashion.^[11]

Statistics

As of 2008, Windows Update has about 500 million clients, processes about 350 million unique scans per day, and maintains an average of 1.5 million simultaneous connections to client machines.^[12] On Patch Tuesday, the day Microsoft typically releases new software updates, outbound traffic can exceed 500 gigabits per second. Approximately 90% of all clients use the Automatic Updates method to initiate software updates, with the remaining 10% using the Windows Update web site. The web site is built using ASP.NET, and processes an average of 60,000 page requests per second.

Versions

There have been five major versions of the Windows Update web site since its introduction in 1998.

• Version 3 - Released in 1998 in conjunction with Windows 98. It only supports Windows 95 and Windows NT 4 now.

• Version 4 - Released in October 2001 in conjunction with Windows XP. Support for Windows 2000 was added June 2002, and support for Windows 98 and Me were added shortly afterwards. Currently it only supports Windows 98 and ME.
  • A new method of determining which updates are needed, resulting in significantly smaller downloads, but requires information about the client computer to be sent to Microsoft.

• Version 5 - Released August 2004 in conjunction with Windows XP Service Pack 2. Support for Windows 2000 and Windows Server 2003 was added in 2005. New features:^[13]
  • New "high-priority" classification for selected updates
  • Addition of an "Express" installation option that automatically selects high-priority updates to be installed
  • Ability to hide updates that the user doesn't want to see
  • More detailed information on the purpose and details of device driver and other updates, including links to relevant web sites
  • Removal of the necessity to install certain updates (such as DirectX) separately from other updates
  • Packaging changes to reduce the size of update downloads

• Version 6 - Released June 2005. It supports Windows 2000, XP and Server 2003. New features:
  • Revised visuals to match the design of other Microsoft web sites
  • Introduction of Microsoft Update, providing security and other updates for other Microsoft products
  • Windows Genuine Advantage integration. If a computer was determined by the tool to not be "genuine" according to the WGA tool, Windows Update would no longer offer any updates other than critical security fixes.

• Version 7 - Released 2006. It supports Windows 2000, XP Server 2003, Vista and Server 2008. New features:
  • Vista Opt-in support

See also

• Windows Server Update Services

References

External links

• Windows Update
• Latest Computer Security Updates: Summary - Microsoft Security / RSS
• Microsoft Technical Security Notifications

Windows Components Core Aero · ClearType · Desktop Window Manager · DirectX · Explorer · Taskbar · Start menu · Shell (namespace · Special Folders · File associations) · Search (Saved search · iFilters) · Graphics Device Interface · Imaging Format · .NET Framework · Server Message Block  · XML Paper Specification · Active Scripting (WSH · VBScript · JScript) · COM (OLE · OLE Automation · DCOM · ActiveX · ActiveX Document · Structured storage · Transaction Server) · Previous Versions · Win32 console Management tools Backup and Restore Center · command.com · cmd.exe · Control Panel (Applets) · Device Manager · Disk Cleanup · Disk Defragmenter · Event Viewer · Management Console · Netsh · Problem Reports and Solutions · Sysprep · System Configuration · Task Manager · System File Checker · System Restore · Windows Installer · PowerShell · Windows Update · WinSAT · Windows Easy Transfer · System Policy Editor Applications Calculator · Calendar · Character Map · Contacts · DVD Maker · Fax and Scan · Internet Explorer · Journal · Mail · Magnifier · Media Center · Media Player · Meeting Space · Mobile Device Center · Mobility Center · Movie Maker · Narrator · Notepad · Paint · Photo Gallery · Private Character Editor · Remote Assistance · Sidebar · Snipping Tool · Sound Recorder · Speech Recognition · WordPad Games Chess Titans · FreeCell · Hearts · Hold 'Em · InkBall · Mahjong Titans · Minesweeper · Purble Place · Solitaire · Spider Solitaire  · Tinker Kernel Ntoskrnl.exe · hal.dll · System Idle Process · Svchost.exe · Registry · Windows service · Service Control Manager · DLL · EXE · NTLDR / Boot Manager · Winlogon · Recovery Console · I/O · WinRE · WinPE · Kernel Patch Protection Services Autorun · BITS · Task Scheduler · Wireless Zero Configuration · Shadow Copy · Error Reporting · Multimedia Class Scheduler · CLFS File systems NTFS (Hard link · Junction point · Mount Point · Reparse point · Symbolic link · TxF · EFS) · FAT32·FAT16·FAT12 · exFAT · CDFS · UDF · DFS · IFS Server Domains · Active Directory · DNS · Group Policy · Roaming user profiles · Folder redirection · Distributed Transaction Coordinator · MSMQ · Windows Media Services · Rights Management Services · IIS · Terminal Services · WSUS · Windows SharePoint Services · Network Access Protection · DFS Replication · Remote Differential Compression · Print Services for UNIX · Remote Installation Services · Windows Deployment Services · System Resource Manager · Hyper-V Architecture NT series architecture · Object Manager · Startup process (Vista) · I/O request packets · Kernel Transaction Manager · Logical Disk Manager · Security Accounts Manager · Windows Resource Protection · LSASS · CSRSS · SMSS · MinWin Security UAC · BitLocker · Defender · DEP · Protected Media Path · Mandatory Integrity Control · UIPI · Windows Firewall · Security Center Compatibility Unix subsystem (Microsoft POSIX  · Interix) · Virtual DOS machine · Windows on Windows · WOW64